Malicious source code detection using a translation model

Modern software development often relies on open-source code sharing. Open-source code reuse, however, allows hackers to access wide developer communities, thereby potentially affecting many products. An increasing number of such “supply chain attacks” have occurred in recent years, taking advantage...

Descripción completa

Detalles Bibliográficos
Autores principales: Tsfaty, Chen, Fire, Michael
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Elsevier 2023
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10382987/
https://www.ncbi.nlm.nih.gov/pubmed/37521045
http://dx.doi.org/10.1016/j.patter.2023.100773
Descripción
Sumario:Modern software development often relies on open-source code sharing. Open-source code reuse, however, allows hackers to access wide developer communities, thereby potentially affecting many products. An increasing number of such “supply chain attacks” have occurred in recent years, taking advantage of open-source software development practices. Here, we introduce the Malicious Source code Detection using a Translation model (MSDT) algorithm. MSDT is a novel deep-learning-based analysis method that detects real-world code injections into source code packages. We have tested MSDT by embedding examples from a dataset of over 600,000 different functions and then applying a clustering algorithm to the resulting embedding vectors to identify malicious functions by detecting outliers. We evaluated MSDT’s performance with extensive experiments and demonstrated that MSDT could detect malicious code injections with precision@k values of up to 0.909.

Ejemplares similares